Donate

RSS Feed

Halo Custom Edition Article

I can't connect to Servers on the Internet
Most people use either a router/firewall appliance or a software firewall to protect their computers from the Internet. When you use a router or firewall it effectively blocks all traffic from the Internet trying to connect to your PC. In many cases the Firewall ALSO blocks traffic leaving your computer. This is done to prevent a malicious programs from exposing your information.

Halo CE utilizes port 80 (HTTP) to request the listing of servers on the Internet from Gamespy however once you decide to actually connect to a server Halo CE will try to connect to the port that server is running on. Most servers utilize ports 2302 and 2303 for making connections however the server operator can change them to something else.

To maintain your protection from hackers you only need to open certain ports on the router/firewall. It is NOT recommended that you place the PC in the routers DMZ because this opens ALL ports to the Internet.

If you are running a Router/Firewall or a software firewall OR Windows XP service pack 2, which has a built in firewall, you need to open these ports: The Microsoft reference documents are here:

Network ports required in Halo multiplayer game

Article ID

:

829473

Last Review

:

June 17, 2005

Revision

:

2.1

On This Page

SUMMARY

This article describes the ports that you must have open to play Microsoft Halo: Combat Evolved as a multiplayer game through a firewall, a proxy server, a router, a Network Address Translation (NAT) device, or Internet Connection Sharing.

MORE INFORMATION

Microsoft Windows firewall

With Microsoft Windows XP Service Pack 2 (SP2), you do not have to manually create port exceptions in the firewall. You may now create exceptions for the program itself. To do this, follow these steps.

Note Never open a port for a program that you do not recognize.

1.

Click Start, and then click Control Panel.

2.

Click Security Center.

3.

Click Windows Firewall.

4.

Click the Exceptions tab.

5.

Click Add Program.

6.

Click Browse.

7.

Locate the game's executable files, and then click Open. By default, this game is installed in one of the following locations:

C:\Program Files\Microsoft Games\Halo\halo.exe

C:\Program Files\Microsoft Games\Halo\haloupdate.exe

8.

Click OK two times.

For more information about how to use the Windows firewall, click the following article number to view the article in the Microsoft Knowledge Base:

842242 () Some programs seem to stop working after you install Windows XP Service Pack 2

If you are not using the Windows Firewall, you may still have to know the ports that are used by the game when you configure your network.

Port listing

The following DirectPlay ports must be open for you to play a game over a local area network (LAN), to play a direct Internet multiplayer game, or to play a game through GameSpy Internet Matchmaking:

•

80 (Transmission Control Protocol [TCP]) - Halo looks to see if there is a Halo update available. If there is an update, Halo downloads the update through this port.

•

2302 (User Datagram Protocol [UDP]) - the game host listens on this port.

•

2303 (UDP) - the game client connects to the game host through this port.

Each time that you join or create an Internet multiplayer game, Halo automatically checks the Internet for the latest Halo update. You can also run the stand-alone updating tool, Haloupdate.exe, from the root of the folder where Halo is installed. (For example, you might use this tool to run the check in batch mode.) Halo uses HTTP to look for updates.

To verify that these ports are open or to open these ports, ask your network administrator or contact your Internet service provider (ISP). If you are the administrator of the network, see the documentation for your networking software or hardware to determine the steps to open these ports.

You can change the host and client ports if you have to customize Halo to work on your network. If your network is configured so that the default port range does not work, you must set the ports to values that you know will work. To customize the host and client ports for your network, follow these steps:

1.

Start Halo.

2.

Click Profiles.

3.

Select the profile that you want to change network settings for.

4.

Click OK.

5.

Click Settings, and then click Network Setup.

6.

Click Host Port or Client Port, and then type the correct number.

7.

Click OK.

For more information, see the second article link in the "References" section of this article.

You can play Halo games from behind most routers and NAT devices. If you have difficulty connecting from behind a router, review your router documentation to make sure that the host and client ports are not blocked for your computer.

REFERENCES

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

DirectX: Ports required to play on a network

Article ID

:

240429

Last Review

:

December 12, 2005

Revision

:

10.2

This article was previously published under Q240429

SUMMARY

This article describes the default ports that are required to play Microsoft Windows DirectX multiplayer games through a firewall, a proxy server, a router, Network Address Translation (NAT), or Internet Connection Sharing. For the specific ports that are required by your game, see the game product documentation. For the ports that are required by games that are published by Microsoft, visit the following Microsoft Web site:

To verify that these ports are open or to open these ports, contact your network administrator or Internet service provider (ISP).

If you are the administrator of the network, see the documentation that is provided with your networking software to determine the steps that you should follow to open these ports.

To play DirectX games through a network firewall or proxy server, the following requirements must be met:

•

To guarantee DirectPlay compatibility, the latest version of DirectX should be installed on the computers that are used by all players who participate in the game.

•

The following TCP and UDP ports must be open on the firewall or proxy server:

Using DirectX 7 or an earlier version

Connection

Ports for Client Configuration

Ports for Host Configuration

Initial TCP Connection

47624 Outbound

47624 Inbound

Subsequent TCP Inbound

2300-2400

2300-2400

Subsequent TCP Outbound

2300-2400

2300-2400

Subsequent UDP Inbound

2300-2400

2300-2400

Subsequent UDP Outbound

2300-2400

2300-2400

Using DirectX 8 or a later version

Connection

Ports for Client Configuration

Ports for Host Configuration

Initial UDP Connection

6073 Outbound

6073 Inbound

Subsequent UDP Inbound

2302-2400

2302-2400

Subsequent UDP Outbound

2302-2400

2302-2400

To determine the DirectPlay method for games that use the DirectPlay Lobby service, follow these steps:

1.

Click Start, click Run, type dxdiag in the Open box, and then click OK.

2.

Click the Save All Information button to save a Dxdiag.txt report.

3.

Click Desktop, and then click Save.

4.

Open the DxDiag.txt file on your desktop and find the section marked "DirectPlay Lobbyable Apps".

Note that each game listed here will report either "(DX7)" or "(DX8)" which corresponds to its DirectPlay connection method.

Note DirectPlay8 games can work with the Internet Connection Firewall (ICF) capabilities of Microsoft Windows XP. When the game starts to host, enumerate, or connect, the appropriate ports will automatically open and when the game quits, these ports will automatically close.

Additionally, Microsoft Windows Millennium Edition (Me) Internet Connection Sharing, Windows XP Internet Connection Sharing, and UPnP-compliant NATs cooperate with DirectPlay8 to make it possible to run full-featured, DirectPlay8 sessions through the NAT. Users can host or join DirectPlay8 sessions that are hosted inside or outside the NAT. No special configuration is required.

If you are using UPnP compliant network devices and are having difficulty, verify the following:

•

When you use Windows XP, make sure that you log on as an administrator.

•

If you use a hardware NAT, contact the manufacturer to see if the hardware is UPnP-compliant or if there are any updates for it, if it is not.

•

When you use Windows XP Internet Connection Sharing, make sure that the Allow other network users to control or disable the shared Internet connection and the Protect my computer and network by limiting or preventing access to this computer from the Internet check boxes are selected in the shared network device's properties.

•

A client on a Windows Millennium Edition (Me) Internet Connection Sharing computer must join the session before any client behind the NAT joins the session or else the Internet Connection Sharing computer cannot join.

For more information about Internet Connection Sharing, click the following article numbers to view the articles in the Microsoft Knowledge Base:

GameSpy Arcade is 100% reliant on your Internet connection being fully functional. The same holds true for any games that you want to play online against other people. Firewalls and proxy servers are designed to block your Internet connection in order to minimize the chances that your computer will be accessed (or hacked!) by "unwanted visitors." They also have the unfortunate side-effect of disabling many of the things you might want to do online -- like play games -- since these activities depend on your PC making an unimpeded connection to other computers. Therefore, if you are using a firewall or proxy, Arcade may not function properly nor will you be able to download and install all of the files that you need in order to use the software to play games online.

Connecting to different places online requires access through "ports" in your PC's Internet connection, and firewalls and proxies will close certain ports for your protection. This is not always necessary, but you as the firewall/proxy owner are the only one who can open those ports. We can't do it for you - but we can give you some tips on how to configure your firewall / proxy to allow Arcade to work properly.

What is a firewall or proxy?

Firewalls and proxies are software programs or pieces of hardware designed to protect your computer and/or network from Internet intruders. Some of these are:

If you are behind a firewall/proxy and are able to change its settings, Arcade needs the following TCP ports open in order to function:

6667 (IRC)

3783 (Voice Chat Port)

27900 (Master Server UDP Heartbeat)

28900 (Master Server List Request)

29900 (GP Connection Manager)

29901 (GP Search Manager)

13139 (Custom UDP Pings)

6515 (Dplay UDP)

6500 (Query Port)

University Internet connections - Universities usually protect their networks with firewalls. In most cases these cannot be opened by you the user. You'll have to consult a technician at your University to see if a workaround is possible. It might be necessary to open more ports in order to run certain games. Also, please not that this is a list of recommended ports. It does not mean that your particular firewall will be easy to configure. Please consult your firewall/proxy manufacturer for detailed instructions. In reality, getting Arcade to work on certain restrictive networks may even be a little harder than opening these ports. DirectPlay games in all likelihood will not launch properly at all.

Disabling firewalls will not workUnfortunately, in most cases, firewalls/proxies cannot simply be disabled in order to allow you to use Arcade and your game. Disabling the firewall / proxy will not open the necessary ports. It will simply shut down the firewall/proxy and leave the ports closed. Also, many factors may conflict with your firewall: Internet Connection Sharing, the use of more than one firewall, or your operating system may all cause conflicts that keep you from enjoying Arcade. To work around these issues, you will need to consult the manufacturer of your firewall/proxy.

Special notes to Windows XP users: Windows XP has a built-in firewall. If you are using 3rd party firewalls/proxies with Windows XP, you will have to consult both the firewall/proxy developer and Microsoft to determine their compatibility with one another. You will also need to speak to your game's developer in order to determine the game's compatibility with WindowsXP, its firewall and your 3rd party firewall/proxy.

Many broadband service providers are reporting an incompatibility between Windows XP and some high-speed modems. Please consult your Internet Service Provider to ensure your Windows XP compatibility with their modem and software.

What errors might I see caused by my firewall/proxy?

Aphex.exe has caused an illegal operation in Module (followed by a sting of several numbers). Arcade is telling you that it was disconnected from the Internet, which in turn caused an error to occur in the Arcade software (which won't function without an Internet connection). Many firewalls will disconnect a program that they feel is creating a risk if the firewall is not configured in advance to allow it.

Game version does not match (and I KNOW I patched my game right!).Firewalls essentially place games in the dark -- if you are using a firewall/proxy, the game cannot see itself or its version, and will return this error.

My Profile didn't save. I used it yesterday and now it's not there!If you are behind a firewall, Arcade can not actually communicate with GameSpy's database (where your profile is stored). As long as you are behind the firewall, Arcade may never save profiles you create, nor will it recognize you to compare to our registration database if you are registered. Firewalls have to be configured for Arcade to have a "clear shot" at the database and save your information. This can be corrected by properly configuring your firewall with permissions for Arcade.

When I enter a game room, no game servers come up.This is most likely because the port for our master server is blocked and it cannot refresh your game list. See the lists of ports above, and configure your firewall appropriately.

My friend asked for authorization to add me as a buddy and I never receive his/her request.Once again, an incoming port is blocked, and this has prevented you from receiving any information sent to you through Arcade. Open the ports, and the information will flow like beer through Homer Simpson.

When I host a game it never shows up on the list in the room.Your firewall/proxy is protecting your connection, and this overactive security is not letting Arcade transmit your game information beyond your PC. Therefore, your listing will not show up in Arcade, and no one will be able to join your game.

When I try to activate my registration it says "Not a valid email address"! I used the correct email address in my Profile for registering.If your firewall/proxy is blocking our database from seeing you it will not recognize you when you attempt to log on, nor will it be able to exchange information with your computer necessary to validate your registration status.

Disabling / Setting Permissions on Specific Firewall Programs

We do not recommend disabling your firewall. Disabling it will not make it open up the ports it has already closed. Instead, you need to configure it to allow access to Arcade. This is usually called "giving permission," and can be accomplised quickly by following these steps:

Windows XP Service Pack 2 -- The built-in firewall that comes bundled with Windows XP will affect two areas of your Arcade experience: 1) Arcade itself (including the login process, using PlayerSpy, chat, using the Download Manager and playing games) and 2) Hosting any parlor or peer-to-peer games. In order to use Arcade and play games properly with Windows XP, you should follow these steps:

1) Unblocking GameSpy Arcade During Login: Click the "Unblock" button in the Windows XP firewall prompt the first time you attempt to log into Arcade atfer installing Service Pack 2

2) Unblocking GameSpy Arcade via Control Panel: If you forgot to click "Unblock" in Step 1, or if you want to be ahead of the curve, you can configure the XP firewall to unblock Arcade via the Windows Control Panel. To do this: Click on Start > Settings > Control Panel > Windows Firewall. In the Windows Firewall menu, Click on the Exceptions tab. If GameSpy Arcade is not listed, Click on the Add Program button, find GameSpy Arcade on the list of available programs and click the OK button.

3) Unblocking Your Games: This can be done in one of two ways: a) Either wait for Windows to prompt you to unblock the game and click the Unblock button (this usually happens the first time you attempt to host a game after installing Service Pack 2, or; b) Use the Windows Control Panel to add the game to your list of Exceptions, using the same method listed in step 2 above.

4) Unblocking Ports: You can take the unblocking process a step further by instructing Windows to open the Firewall to all ports used by GameSpy Arcade and most of its supported games. To do this: Click on Start > Settings > Control Panel > Windows Firewall. From the Windows Firewall Menu, click on the Exceptions tab, then click on the Add Ports button. From the Add Ports Menu, enter a port from the list of ports at the top of this Arcade support page. Be sure to indicate whether this is a UDP or TCP port (the list above should indicate which it is).

Black Ice - Set the security level to low.

ZoneAlarm - The best course of action for ZoneAlarm, in our experience, is to make sure it allows your online applications. Make sure that, when you open Arcade and ZoneAlarm alerts you that Aphex.exe is trying to access the Internet, you allow it to do so, and check the box to "remember this application." It will ask again later if you want to allow the downloading of config files. Again, tell it to allow it and remember. You can still leave ZoneAlarm on medium to high security. But don't forget that it will also want to ask for your permission for each and every game you play the first time you start it up. If not told to allow your game and remember your settings, you will again encounter difficulties.

Alternately, but less effective, set ZoneAlarm to recognize Arcade as a part of your Local Network and set both local and Internet settings to "Low."

Norton Internet Security 2002 - NIS2002 is really quite simple. All it takes is giving GameSpy Arcade and your game permission. See the pictures below. Do not attempt to provide Custom Settings. Just follow the simple method below and you'll be good to go:

Step 1 - Grant GameSpy Arcade Internet Access

Step 2 - Grant file downloading by GameSpy Arcade Internet Access

Step 3 - Grant Internet Access to your games. This may not be apparent, as the window may pop up behind other programs.